Email OTP

PreviousDuplicate NextRadius

Last updated 7 months ago

Was this helpful?

Create

post

Create a new Email OTP MFA.

Body

namestring | nullablerequired

The name of the target Multi Factor Authentication. This must be the actual Multi Factor Authentication name used in the RAS farm.

siteIdinteger · int32optional

Site ID in which to modify the specified Multi Factor Authentication. If the parameter is omitted, the site ID of the Licensing Server will be used.

descriptionstring | nullableoptional

A user-defined Multi Factor Authentication description.

enabledbooleanoptional

Enable or disable the Multi Factor Authentication upon creation. If the parameter is omitted, the Multi Factor Authentication is initialised as Disabled.

displayNamestring | nullablerequired

RADIUS type name.

userEnrollmentstring · enumoptional

User Enrollment

Options: 0 = Allow,1 = AllowUntil,2 = DoNotAllow

showInformationForUnenrolledUsersstring · enumoptional

Show information for unenrolled users

Options: 0 = Always,1 = IfEnrollmentIsAllowed,2 = Never

untilDateTimestring · date-time | nullableoptional

Allow User Enrollment until date/time

otpLifespanSecinteger · int32 | nullableoptional

The lifespan of the OTP (seconds)

externalEmailStoragestring · enumoptional

External email storage

Options: 0 = RASDatabase,1 = ADMail,2 = ADCustom

emailContentstring | nullableoptional

The content of the email. Possible variables: %OTP%, %DURATION%

emailSubjectstring | nullableoptional

The subject of the email. Possible variables: %OTP%

userMessagePromptstring | nullableoptional

User message prompt

adCustomAttributestring | nullableoptional

AD Custom Attribute

allowEnrollExternalEmailboolean | nullableoptional

Allow enrollment of external email

otpLengthinteger · int32 | nullableoptional

The length of the OTP generated

Responses

application/json; api-version=1.0

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url '/api/MFA/EmailOTP' \
  --header 'Content-Type: application/json; api-version=1.0' \
  --data '{
    "name": "text",
    "siteId": 1,
    "description": "text",
    "enabled": true,
    "displayName": "text",
    "userEnrollment": [
      "0 = Allow",
      "1 = AllowUntil",
      "2 = DoNotAllow"
    ],
    "showInformationForUnenrolledUsers": [
      "0 = Always",
      "1 = IfEnrollmentIsAllowed",
      "2 = Never"
    ],
    "untilDateTime": "2025-03-24T01:02:12.122Z",
    "otpLifespanSec": 1,
    "externalEmailStorage": [
      "0 = RASDatabase",
      "1 = ADMail",
      "2 = ADCustom"
    ],
    "emailContent": "text",
    "emailSubject": "text",
    "userMessagePrompt": "text",
    "adCustomAttribute": "text",
    "allowEnrollExternalEmail": true,
    "otpLength": 1
  }'

201

401

409

{
  "id": 1,
  "adminCreate": "text",
  "adminLastMod": "text",
  "timeCreate": "2025-03-24T01:02:12.122Z",
  "timeLastMod": "2025-03-24T01:02:12.122Z",
  "name": "text",
  "siteId": 1,
  "description": "text",
  "enabled": true,
  "type": [
    "1 = Deepnet",
    "2 = SafeNet",
    "3 = Radius",
    "4 = AzureRadius",
    "5 = DuoRadius",
    "6 = FortiRadius",
    "7 = TekRadius",
    "8 = GAuthTOTP",
    "9 = TOTP",
    "10 = MicrosoftTOTP",
    "11 = EmailOTP"
  ],
  "inheritDefaultCriteriaSettings": true,
  "criteria": {
    "securityPrincipals": {
      "enabled": true,
      "matchingMode": [
        "0 = IsNotOneOfTheFollowing",
        "1 = IsOneOfTheFollowing"
      ],
      "members": [
        {
          "account": "text",
          "type": [
            "1 = User",
            "2 = Group",
            "3 = ForeignSecurityPrincipal",
            "4 = Computer"
          ],
          "sid": "text"
        }
      ]
    },
    "gateways": {
      "enabled": true,
      "matchingMode": [
        "0 = IsNotOneOfTheFollowing",
        "1 = IsOneOfTheFollowing"
      ],
      "members": [
        {
          "gatewayIP": "text"
        }
      ]
    },
    "oSs": {
      "enabled": true,
      "matchingMode": [
        "0 = IsNotOneOfTheFollowing",
        "1 = IsOneOfTheFollowing"
      ],
      "allowedOSes": {
        "chrome": true,
        "android": true,
        "webClient": true,
        "iOS": true,
        "linux": true,
        "mac": true,
        "wyse": true,
        "windows": true
      }
    },
    "iPs": {
      "enabled": true,
      "matchingMode": [
        "0 = IsNotOneOfTheFollowing",
        "1 = IsOneOfTheFollowing"
      ],
      "allowedIPs": {
        "iPv4s": [
          {
            "from": "text",
            "to": "text"
          }
        ],
        "iPv6s": [
          {
            "from": "text",
            "to": "text"
          }
        ]
      }
    },
    "hardwareIDs": {
      "enabled": true,
      "matchingMode": [
        "0 = IsNotOneOfTheFollowing",
        "1 = IsOneOfTheFollowing"
      ],
      "members": [
        {
          "hardwareID": "text"
        }
      ]
    },
    "access": [
      "0 = DenyCriteriaWhen",
      "1 = AllowCriteriaWhen"
    ],
    "devices": {
      "enabled": true,
      "matchingMode": [
        "0 = IsNotOneOfTheFollowing",
        "1 = IsOneOfTheFollowing"
      ],
      "members": [
        {
          "client": "text"
        }
      ]
    }
  },
  "displayName": "text",
  "userEnrollment": [
    "0 = Allow",
    "1 = AllowUntil",
    "2 = DoNotAllow"
  ],
  "showInformationForUnenrolledUsers": [
    "0 = Always",
    "1 = IfEnrollmentIsAllowed",
    "2 = Never"
  ],
  "untilDateTime": "2025-03-24T01:02:12.122Z",
  "otpLifespanSec": 1,
  "externalEmailStorage": [
    "0 = RASDatabase",
    "1 = ADMail",
    "2 = ADCustom"
  ],
  "emailContent": "text",
  "emailSubject": "text",
  "userMessagePrompt": "text",
  "adCustomAttribute": "text",
  "allowEnrollExternalEmail": true,
  "otpLength": 1
}

Created

Update

put

Update the Email OTP MFA Site Settings.

Path parameters

idinteger · int32required

The ID for which to modify the MFA settings.

Body

namestring | nullableoptional

The new name of the target multi-factor authentication .

descriptionstring | nullableoptional

A user-defined multi-factor authentication description.

enabledboolean | nullableoptional

Enable or disable the specified multi-factor authentication in a site.

inheritDefaultCriteriaSettingsboolean | nullableoptional

If true default criteria settings will be inherited.